package com.shop.dao;

import com.shop.bean.Seller;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

public class SellerDAO extends BaseDAO {

    // 卖家登录
    public Seller login(String username, String password) {
        try (Connection conn = getConnection();
             PreparedStatement ps = conn.prepareStatement("SELECT * FROM seller WHERE username=? AND password=?")) {
            ps.setString(1, username);
            ps.setString(2, password); // 明文密码验证
            ResultSet rs = ps.executeQuery();
            if (rs.next()) {
                Seller seller = new Seller();
                seller.setId(rs.getInt("id"));
                seller.setUsername(rs.getString("username"));
                seller.setPassword(rs.getString("password"));
                seller.setSecurityQuestion(rs.getString("security_question"));
                seller.setSecurityAnswer(rs.getString("security_answer"));
                seller.setReputation(rs.getInt("reputation"));
                return seller;
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
        return null;
    }

    // 新增：通过用户名查询卖家（不验证密码，用于密码重置）
    public Seller getSellerByUsername(String username) {
        try (Connection conn = getConnection();
             PreparedStatement ps = conn.prepareStatement("SELECT * FROM seller WHERE username=?")) {
            ps.setString(1, username);
            ResultSet rs = ps.executeQuery();
            if (rs.next()) {
                Seller seller = new Seller();
                seller.setId(rs.getInt("id"));
                seller.setUsername(rs.getString("username"));
                seller.setPassword(rs.getString("password"));
                seller.setSecurityQuestion(rs.getString("security_question"));
                seller.setSecurityAnswer(rs.getString("security_answer"));
                seller.setReputation(rs.getInt("reputation"));
                return seller;
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
        return null;
    }

    // 修改密码
    public void updatePassword(int sellerId, String newPassword) {
        try (Connection conn = getConnection();
             PreparedStatement ps = conn.prepareStatement("UPDATE seller SET password=? WHERE id=?")) {
            ps.setString(1, newPassword);
            ps.setInt(2, sellerId);
            ps.executeUpdate();
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }

    // 获取密保问题
    public String getSecurityQuestion(String username) {
        try (Connection conn = getConnection();
             PreparedStatement ps = conn.prepareStatement("SELECT security_question FROM seller WHERE username=?")) {
            ps.setString(1, username);
            ResultSet rs = ps.executeQuery();
            if (rs.next()) {
                return rs.getString("security_question");
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
        return null;
    }

    // 验证密保答案
    public boolean verifySecurityAnswer(String username, String answer) {
        try (Connection conn = getConnection();
             PreparedStatement ps = conn.prepareStatement("SELECT * FROM seller WHERE username=? AND security_answer=?")) {
            ps.setString(1, username);
            ps.setString(2, answer);
            ResultSet rs = ps.executeQuery();
            return rs.next();
        } catch (SQLException e) {
            e.printStackTrace();
        }
        return false;
    }
}